Mic92/chef-lctp
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

get network working

Browse Source
This commit is contained in:
Jörg Thalheim 2014-01-27 11:13:56 +01:00
parent e980e0bfda
commit db701f3a5b
25 changed files with 266 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Berksfile
View File

@ -4,6 +4,7 @@ site :opscode
cookbook "apt" cookbook "apt"
cookbook "minitest-handler" cookbook "minitest-handler"
cookbook "network_interfaces"
def own_cookbook(name,opts={}) def own_cookbook(name,opts={})
opts = { path: "site-cookbooks/#{name}"}.merge!(opts) opts = { path: "site-cookbooks/#{name}"}.merge!(opts)
@ -14,3 +15,4 @@ own_cookbook "dhcp"
own_cookbook "bind" own_cookbook "bind"
own_cookbook "ntp" own_cookbook "ntp"
own_cookbook "main" own_cookbook "main"
own_cookbook "lctp-network"

31
nodes/node0.json
View File

@ -1,25 +1,32 @@
{ {
"main": { "lctp_network" : {
"head_node": { "domain_servers": ["127.0.0.1"],
"internal_ip": "172.28.128.1" "search_domains": ["lctp"],
"interfaces": {
"eth0": { },
"eth1": {
"static_ip": "172.28.128.1",
"netmask": "255.255.255.0"
}
} }
}, },
"dhcp" : { "dhcp" : {
"domain": { "domain": {
"name": "lctp", "names": ["lctp"],
"server": "node0.lctp" "servers": ["172.28.128.1"]
}, },
"interface": "eth1", "ntp_servers": ["172.28.128.1"],
"interfaces": ["eth1"],
"subnet": { "subnet": {
"gateway": "node0.lctp", "gateway": "172.28.128.1",
"prefix": "172.28.128.0", "prefix": "172.28.128.0",
"netmask": "255.255.255.0" "netmask": "255.255.255.0"
}, },
"hosts": [{ "hosts": {
"name": "node1", "node1": {
"mac": "5c:a1:ab:1e:00:01", "mac": "5c:a1:ab:1e:00:02"
"ip": "172.28.128.101" }
}] }
}, },
"ntp" : { "ntp" : {
"subnets": ["::1", "127.0.0.1", "172.28.128.0/24"] "subnets": ["::1", "127.0.0.1", "172.28.128.0/24"]

9
nodes/node1.json
View File

@ -1 +1,8 @@
{} {
"lctp_network": {
"interfaces": {
"eth0": { "metric": 100 },
"eth1": { "metric": 50 }
}
}
}

9
site-cookbooks/dhcp/attributes/default.rb
View File

@ -1,7 +1,8 @@
default.dhcp.domain.name = "privat" default.dhcp.domain.names = []
default.dhcp.domain.server = "ns.privat" default.dhcp.domain.servers = []
default.dhcp.hosts = [] default.dhcp.ntp_servers = []
default.dhcp.interface = "eth0" default.dhcp.hosts = {}
default.dhcp.interfaces = ["eth0"]
default.dhcp.subnet.prefix = "192.168.2.0" default.dhcp.subnet.prefix = "192.168.2.0"
default.dhcp.subnet.netmask = "255.255.255.0" default.dhcp.subnet.netmask = "255.255.255.0"
default.dhcp.subnet.gateway = "192.168.2.1" default.dhcp.subnet.gateway = "192.168.2.1"

23
site-cookbooks/dhcp/templates/default/dhcpd.conf.erb
View File

@ -1,18 +1,29 @@
# dhcpd.conf for <%= @node.name %> managed by Chef. Changes will be overwritten. # dhcpd.conf for <%= @node.name %> managed by Chef. Changes will be overwritten.
default-lease-time 600; default-lease-time 600;
max-lease-time 7200; max-lease-time 7200;
# option definitions common to all supported networks...
option domain-name <%= @node.dhcp.domain.name %>; <% if @node.dhcp.domain.names.size > 0 %>
option domain-name-servers <%= @node.dhcp.domain.server %>; option domain-name <%= @node.dhcp.domain.names.join(" ") %>;
<% end %>
<% if @node.dhcp.domain.servers.size > 0 %>
option domain-name-servers <%= @node.dhcp.domain.servers.join(" ") %>;
<% end %>
<% if @node.dhcp.ntp_servers.size > 0 %>
option ntp-servers <%= @node.dhcp.ntp_servers.join(" ") %>;
<% end %>
subnet <%= @node.dhcp.subnet.prefix %> netmask <%= @node.dhcp.subnet.netmask%> { subnet <%= @node.dhcp.subnet.prefix %> netmask <%= @node.dhcp.subnet.netmask%> {
option routers <%= @node.dhcp.subnet.gateway%>; option routers <%= @node.dhcp.subnet.gateway%>;
} }
<% @node.dhcp.hosts.each do |host| -%> <% @node.dhcp.hosts.each do |name, host| -%>
host <%= host.name %> { host <%= name %> {
hardware ethernet <%= host.mac %>; hardware ethernet <%= host.mac %>;
fixed-address <%= "#{host.name}.#{@node.dhcp.domain.name}" %>; <% if host.attribute?("ip") %>
fixed-address <%= "#{host.ip}" %>;
<% else %>
fixed-address <%= "#{name}.#{@node.dhcp.domain.names.first}" %>;
<% end %>
use-host-decl-names true; use-host-decl-names true;
} }
<% end -%> <% end -%>

2
site-cookbooks/dhcp/templates/default/isc-dhcp-server.erb
View File

@ -1,2 +1,2 @@
# /etc/default/isc-dhcp-server for <%= @node.name %> managed by Chef. Changes will be overwritten. # /etc/default/isc-dhcp-server for <%= @node.name %> managed by Chef. Changes will be overwritten.
INTERFACES="<%= @node.dhcp.interface %>" INTERFACES="<%= @node.dhcp.interfaces.join(" ") %>"

3
site-cookbooks/lctp-network/attributes/default.rb Normal file
View File

@ -0,0 +1,3 @@
default.lctp_network.interfaces = {}
default.lctp_network.domain_servers = []
default.lctp_network.search_domains = []

1
site-cookbooks/lctp-network/attributes/router.rb Normal file
View File

@ -0,0 +1 @@
default.lctp_network.gateway_device = "eth0"

9
site-cookbooks/lctp-network/files/default/interfaces Normal file
View File

@ -0,0 +1,9 @@
# Interfaces managed by Chef. Changes will be overwritten.
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
source /etc/network/interfaces.d/*

4
site-cookbooks/lctp-network/files/default/iptables-load Normal file
View File

@ -0,0 +1,4 @@
#!/bin/sh
# iptables-load managed by Chef. Changes will be overwritten.
iptables-restore < /etc/iptables.rules
exit 0

7
site-cookbooks/lctp-network/files/default/iptables-save Normal file
View File

@ -0,0 +1,7 @@
#!/bin/sh
# iptables-save managed by Chef. Changes will be overwritten.
iptables-save -c > /etc/iptables.rules
if [ -f /etc/iptables.downrules ]; then
iptables-restore < /etc/iptables.downrules
fi
exit 0

15
site-cookbooks/lctp-network/files/default/test/default_test.rb Normal file
View File

@ -0,0 +1,15 @@
require 'minitest/spec'
describe_recipe 'lctp-network::default' do
it "assign a ip for every device" do
node.lctp_network.interfaces.keys.each do |interface|
assert_sh("ifconfig #{interface} | grep -q 'inet addr'")
end
end
it "should be able to resolve dns" do
assert_sh("host examples.com")
end
it "should be able to reach the internet" do
assert_sh("ping -c 1 examples.com")
end
end

7
site-cookbooks/lctp-network/files/default/test/router_test.rb Normal file
View File

@ -0,0 +1,7 @@
require 'minitest/spec'
describe_recipe 'lctp-network::default' do
it "starts the named daemon" do
assert_sh("iptables -L -t nat | grep -q MASQUERADE")
end
end

3
site-cookbooks/lctp-network/metadata.rb Normal file
View File

@ -0,0 +1,3 @@
name "lctp-network"
depends "network_interfaces"
depends "modules"

44
site-cookbooks/lctp-network/recipes/default.rb Normal file
View File

@ -0,0 +1,44 @@
include_recipe "network_interfaces"
package "ifmetric"
cookbook_file "/etc/network/interfaces" do
source "interfaces"
mode 0644
owner "root"
group "root"
end
network = node.lctp_network
unless network.domain_servers.empty? and network.search_domains.empty?
file "/etc/dhcp/dhclient-enter-hooks.d/resolvconf" do
action :delete
end
template "/etc/resolv.conf" do
source "resolv.conf.erb"
variables(network: network)
end
end
network.interfaces.each do |device, iface|
network_interfaces device do
if iface.attribute? "metric"
metric iface.metric
end
if iface.attribute? "static_ip"
target iface.static_ip
if iface.attribute? "netmask"
mask iface.netmask
else
mask "255.255.255.0"
end
bootproto "static"
else
bootproto "dhcp"
end
end
end

38
site-cookbooks/lctp-network/recipes/router.rb Normal file
View File

@ -0,0 +1,38 @@
execute "iptables-load" do
action :nothing
command "/etc/network/if-pre-up.d/iptables-load"
end
template "/etc/iptables.rules" do
source "iptables.rules.erb"
mode 0644
owner "root"
group "root"
end
modules "iptable_nat"
modules "ipt_MASQUERADE"
execute "enable ip_forward" do
command "sysctl -w net.ipv4.ip_forward=1"
end
file "/etc/sysctl.d/10-ip-forwarding.conf" do
mode "0644"
content "net.ipv4.ip_forward = 1"
end
cookbook_file "/etc/network/if-pre-up.d/iptables-load" do
source "iptables-load"
mode 0755
owner "root"
group "root"
notifies :run, "execute[iptables-load]"
end
cookbook_file "/etc/network/if-post-down.d/iptables-save" do
source "iptables-save"
mode 0755
owner "root"
group "root"
end

10
site-cookbooks/lctp-network/templates/default/iptables.rules.erb Normal file
View File

@ -0,0 +1,10 @@
# iptables.rules for <%= @node.name %> managed by Chef. Changes will be overwritten.
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# masquerading (NAT)
-A POSTROUTING -o <%= @node.lctp_network.gateway_device %> -j MASQUERADE
COMMIT

5
site-cookbooks/lctp-network/templates/default/resolv.conf.erb Normal file
View File

@ -0,0 +1,5 @@
# resolv.conf for <%= @node.name %> managed by Chef. Changes will be overwritten.
<% @network.domain_servers.each do |server| -%>
nameserver <%= server %>
<% end -%>
search <%= @network.search_domains.join(" ") %>

2
site-cookbooks/main/attributes/head_node.rb
View File

@ -1,2 +0,0 @@
default.main.head_node.internal_ip = "192.168.2.1"
default.main.head_node.internal_network_device = "eth1"

1
site-cookbooks/main/metadata.rb
View File

@ -3,4 +3,5 @@ depends "apt"
depends "ntp" depends "ntp"
depends "dhcp" depends "dhcp"
depends "bind" depends "bind"
depends "lctp-network"
depends "minitest-handler" depends "minitest-handler"

1
site-cookbooks/main/recipes/compute_node.rb
View File

@ -1,3 +1,4 @@
include_recipe "minitest-handler" include_recipe "minitest-handler"
include_recipe "lctp-network"
include_recipe "apt" include_recipe "apt"
include_recipe "ntp" include_recipe "ntp"

8
site-cookbooks/main/recipes/head_node.rb
View File

@ -1,11 +1,7 @@
include_recipe "minitest-handler" include_recipe "minitest-handler"
include_recipe "lctp-network"
include_recipe "lctp-network::router"
include_recipe "apt" include_recipe "apt"
include_recipe "ntp" include_recipe "ntp"
include_recipe "bind" include_recipe "bind"
ifconfig node.main.head_node.internal_ip do
provider Chef::Provider::Ifconfig::Debian
device node.main.head_node.internal_network_device
end
include_recipe "dhcp" include_recipe "dhcp"

23
spec/coobooks/dhcp_spec.rb
View File

@ -3,11 +3,24 @@ require_relative '../spec_helper'
describe 'dhcp::default' do describe 'dhcp::default' do
let(:chef_run) do let(:chef_run) do
ChefSpec::Runner.new do |node| ChefSpec::Runner.new do |node|
node.set["dhcp"]["hosts"] =[{ node.set["dhcp"] ={
name: "node0", domain: {
mac: "5c:a1:ab:1e:00:01", names: ["foo"],
ip: "172.28.128.101" servers: ["node0.foo"]
}] },
ntp_servers: ["foo.lctp"],
interfaces: ["eth1"],
subnet: {
gateway: "172.28.128.1",
prefix: "172.28.128.0",
netmask: "255.255.255.0"
},
hosts: {
node1: {
mac: "5c:a1:ab:1e:00:02"
}
}
}
end.converge(described_recipe) end.converge(described_recipe)
end end

42
spec/coobooks/lctp-network_spec.rb Normal file
View File

@ -0,0 +1,42 @@
require_relative '../spec_helper'
describe 'lctp-network::default' do
let(:chef_run) do
ChefSpec::Runner.new do |node|
node.set["lctp_network"] = {
domain_servers: ["127.0.0.1"],
search_domains: ["lctp"],
interfaces: {
eth0: { },
eth1: {
static_ip: "10.0.0.1"
}
}
}
end.converge(described_recipe)
end
it "should include cookbooks" do
chef_run.should render_file("/etc/network/interfaces")
chef_run.should render_file("/etc/resolv.conf").
with_content("127.0.0.1").with_content("lctp")
eth0 = chef_run.find_resource(:network_interfaces, "eth0")
eth0.should_not == nil
eth0.bootproto.should == "dhcp"
eth1 = chef_run.find_resource(:network_interfaces, "eth1")
eth1.should_not == nil
eth1.bootproto.should == "static"
eth1.target.should == "10.0.0.1"
eth1.mask.should == "255.255.255.0" # default netmask
end
end
describe 'lctp-network::router' do
let(:chef_run) { ChefSpec::Runner.new.converge(described_recipe) }
it "should setup NAT" do
chef_run.should render_file("/etc/network/if-pre-up.d/iptables-load")
chef_run.should render_file("/etc/network/if-post-down.d/iptables-save")
chef_run.should render_file("/etc/iptables.rules").with_content("eth0")
end
end

15
spec/coobooks/main_spec.rb
View File

@ -3,18 +3,11 @@ require_relative '../spec_helper'
describe 'main::head_node' do describe 'main::head_node' do
let(:chef_run) do let(:chef_run) do
ChefSpec::Runner.new do |node| ChefSpec::Runner.new do |node|
node.set["main"] = {
head_node: {
internal_ip: "10.10.1.1",
internal_network_device: "10.10.1.1"
}
}
end.converge(described_recipe) end.converge(described_recipe)
end end
it "should include cookbooks" do it "should include cookbooks" do
chef_run.should include_recipe('ntp') cookbooks = %w{minitest-handler apt ntp lctp-network lctp-network::router bind dhcp}
chef_run.should include_recipe('bind') cookbooks.each { |cookbook| chef_run.should include_recipe(cookbook) }
chef_run.should include_recipe('dhcp')
end end
end end
@ -24,7 +17,7 @@ describe 'main::compute_node' do
end.converge(described_recipe) end.converge(described_recipe)
end end
it "should include cookbooks" do it "should include cookbooks" do
chef_run.should include_recipe('apt') cookbooks = %w{minitest-handler apt ntp lctp-network}
chef_run.should include_recipe('ntp') cookbooks.each { |cookbook| chef_run.should include_recipe(cookbook) }
end end
end end